Privacy Policy

Last updated: December 19, 2024

1. Information We Collect

We collect information you provide directly to us, such as when you create an account, use our services, or contact us for support.

Personal Information:

  • Name and contact information (email address)
  • Account credentials and authentication data
  • Payment and billing information
  • Communication preferences and settings

Usage Information:

  • Service usage patterns and analytics
  • Chatbot interactions and performance data
  • Document processing and storage metrics
  • Technical logs and error reports

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send technical notices, updates, and support messages
  • Respond to your comments, questions, and requests
  • Monitor and analyze usage patterns and trends
  • Detect, investigate, and prevent fraudulent activity
  • Comply with legal obligations and enforce our terms

3. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties, except in the following circumstances:

  • Service Providers: We may share information with trusted third-party service providers who assist us in operating our platform
  • Legal Requirements: We may disclose information if required by law or in response to valid legal requests
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred
  • Protection of Rights: We may disclose information to protect our rights, property, or safety

4. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

  • Encryption of data in transit using TLS 1.3
  • Secure password hashing using industry-standard algorithms
  • Role-based access controls and authentication mechanisms
  • Secure file storage with UUID-based naming
  • Complete data isolation between different users

5. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our services and maintain your account
  • Comply with legal and regulatory requirements
  • Resolve disputes and enforce our agreements
  • Improve our services and develop new features

When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law.

6. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request a copy of your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Receive your data in a portable format
  • Restriction: Limit how we process your information
  • Objection: Object to certain processing activities

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Analyze how you use our services
  • Provide personalized content and features
  • Improve our services and user experience

You can control cookie settings through your browser preferences, though disabling certain cookies may affect service functionality.

8. Chatbot Data Processing

When you use our chatbot services, we process data as follows:

  • Document Processing: Uploaded files are processed to create AI embeddings for chatbot responses
  • Conversation Logs: Chat interactions are logged for service improvement and debugging
  • Domain Restrictions: Chatbots only respond on domains you authorize
  • Data Isolation: Your chatbot data is completely separate from other users
  • Usage Tracking: Token usage and storage consumption are monitored for billing purposes

9. Third-Party Services

Our services may integrate with third-party services and APIs:

  • OpenAI: For AI model processing and responses (Privacy Policy: https://openai.com/privacy/)
  • Stripe: For payment processing and billing (Privacy Policy: https://stripe.com/privacy)
  • Qdrant: For vector database and embeddings (Privacy Policy: https://qdrant.tech/privacy-policy/)
  • Google OAuth: For optional third-party authentication (Privacy Policy: https://policies.google.com/privacy)
  • Font Awesome: For icon services (Privacy Policy: https://fontawesome.com/privacy)
  • Google Fonts: For typography services (Privacy Policy: https://policies.google.com/privacy)

These services have their own privacy policies, and we encourage you to review them.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data during such transfers, including:

  • Standard contractual clauses approved by data protection authorities
  • Adequacy decisions for certain countries
  • Other appropriate safeguards as required by law

11. Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Sending an email notification to your registered email address
  • Displaying a prominent notice on our platform

Your continued use of our services after such changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@chatzo.cloud

Data Protection Officer: dpo@chatzo.cloud

Address: 22, 14th street NW, Atlanta, Georgia, USA 30309

Company: Extreme Digital Studio LLP

14. Payment Processing and Billing Information

We collect and process billing information through our payment processor Stripe to facilitate transactions:

  • Billing Address: Required for tax compliance and fraud prevention
  • Payment Method: Processed securely through Stripe's PCI-compliant infrastructure
  • Transaction Records: Maintained for accounting and customer support purposes
  • Tax Information: Collected where required by applicable tax laws

All payment data is encrypted and processed according to PCI DSS standards. We do not store complete payment card information on our servers.

15. Data Protection Authority

If you are located in the European Union and have concerns about our data processing practices, you have the right to lodge a complaint with your local data protection authority. We would, however, appreciate the opportunity to address your concerns before you approach the authority.

Create Account Back to Home